#!/usr/bin/perl $head="viewsource-head.html"; $foot="viewsource-foot.html"; print "Content-type: text/html\n\n"; $file="$ENV{QUERY_STRING}\n"; $file =~ s/\.\./__/g; # get rid of any '..' sequences $file =~ s/http:\/\/www.intuitive.com//; $file =~ s/http:\/\/new.intuitive.com//; if ( $file =~ /^\//) { &catfile($head); print "
"; print "

Error: Can't view the source of fully qualified filenames

\n"; &catfile($foot); exit 0; } if ( ! ( $file =~ /^[A-Za-z0-9\.-\/]+$/ ) ) { &catfile($head); print "
"; print "

Error: Illegal character; can't go beyond simple filenames.

\n"; &catfile($foot); exit 0; } if ( $file eq "" ) { $file="index.shtml"; } elsif ( $file eq "FAQ/" ) { $file="FAQ/index.html"; } &catfile($head); print "
$file\n"; print "

\n"; print "

\n";

&showsource($file);

print "
\n"; print "

\n"; print "
\n"; &catfile($foot); exit 0; sub catfile { my $file=$_[0]; if (open INF, $file) { while () { print $_; } close INF; } } sub showsource { $file=$_[0]; if (open INF, $file) { print "\n"; while () { $_ =~ s//\>/g; print $_; } print "\n"; close INF; } else { print "
Sorry, couldn't open file $file

\n"; } }